Nmap Commands for Linux:
Nmap (Network Mapper) is an open source and very versatile tool for Linux system and network administrators. It is a security tool for network exploration, security scanning and auditing.
Nmap scans remote hosts for live hosts, operating systems, packet filters/firewalls and open ports together with the services listening on them.
Significant effort has been put into decent Nmap performance for non-root users. Unfortunately, many critical kernel interfaces (such as raw sockets) require root privileges, so Nmap should be run as root whenever possible (not setuid root, of course). This matters for the examples below: without root, Nmap cannot send the raw packets a SYN scan (-sS) needs and falls back to a full TCP connect scan (-sT), which is slower and leaves connection entries in the target's logs, and OS detection (-O) is not available at all.
The Nmap command syntax is:
# nmap [Scan Type(s)] [Options] {target specification}
How To install Nmap :
On RPM-based distributions such as RHEL, CentOS and Fedora, install Nmap with the following command (Debian and Ubuntu use apt-get install nmap instead).
# yum install nmap
1. Scan using an IP Address or CIDR range:
The target can be a single address or, as here, a whole /24 in CIDR notation; only the report for the first host that answered is shown below. With no ports specified, this release scans its default list of the 1000 most common TCP ports, which is why the report says "Not shown: 998 closed ports" beside the two open ones.
#nmap 192.168.0.0/24
Starting Nmap 5.21 ( http://nmap.org ) at 2014-09-18 11:44 EST
Nmap scan report for 192.168.0.1
Host is up (0.0043s latency).
Not shown: 998 closed ports
PORT STATE SERVICE
80/tcp open http
443/tcp open https
2. Scan using the "-v" (verbose) option:
Verbose output shows each phase of the scan as it happens: the ARP ping used for host discovery on the local segment, then the SYN scan, with open ports reported as soon as they are discovered.
# nmap -v 192.168.0.1
Starting Nmap 4.11 ( http://nmap.org/ ) at 2014-06-14 15:43 EST
Initiating ARP Ping Scan against 192.168.0.1 [1 port] at 15:43
The ARP Ping Scan took 0.01s to scan 1 total hosts.
Initiating SYN Stealth Scan against server2.tecmint.com (192.168.0.1) [1680 ports] at 15:43
Discovered open port 22/tcp on 192.168.0.1
Discovered open port 80/tcp on 192.168.0.1
The SYN Stealth Scan took 0.30s to scan 1680 total ports.
Host server2.tecmint.com (192.168.0.1) appears to be up ... good.
Interesting ports on server2.tecmint.com (192.168.0.1):
Not shown: 1674 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
Nmap finished: 1 IP address (1 host up) scanned in 0.485 seconds
Raw packets sent: 1681 (73.962KB) | Rcvd: 1681 (77.322KB)
3. Scan a whole Subnet:
The wildcard 192.168.0.* is equivalent to 192.168.0.0/24; Nmap probes all 256 addresses and prints a report only for the hosts that are up.
[root@server1 ~]# nmap 192.168.0.*
Starting Nmap 4.11 ( http://nmap.org ) at 2013-11-11 16:11 EST
Interesting ports on test1.example.com (192.168.0.1):
Not shown: 1677 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
851/tcp open unknown
Interesting ports on test2.example.com (192.168.0.2):
Not shown: 1674 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
Nmap finished: 256 IP addresses (2 hosts up) scanned in 5.550 seconds
4. Scan a host that blocks ping (skip host discovery):
By default Nmap first checks whether a target is up (host discovery) and only port-scans hosts that respond. A host behind a packet filter or firewall that drops those probes is reported as down and never scanned. The -PN option (spelled -Pn in current Nmap releases) tells Nmap to treat the host as online and scan it anyway. Note that -PN does not by itself reveal whether a firewall is present: the sign of filtering is ports reported as filtered (the probe was dropped) rather than closed (the host answered with a RST). In the output below every non-open port answered with closed, so nothing was dropping the probes.
[root@server1 ~]# nmap -PN 192.168.0.1
Starting Nmap 4.11 ( http://nmap.org ) at 2013-11-11 16:30 EST
Interesting ports on test2.tecmint.com (192.168.0.1):
Not shown: 1674 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
Nmap finished: 1 IP address (1 host up) scanned in 0.399 seconds
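As an added example (this is not code from the original article or from the Nmap project), the following shell script turns Nmap's normal output for a whole subnet, like the listing in step 3, into a flat inventory of open ports, and applies the closed-versus-filtered distinction from step 4 to say, per host, whether probes were answered or dropped. The sample report embedded in it is constructed: the first two hosts are copied from the step-3 listing, the third (192.168.0.3) is invented to show a filtered host in the newer "Nmap scan report for" format so that both header styles are exercised.

```sh
#!/bin/sh
# Added example, not from the original article: summarise Nmap's normal
# (human-readable) output for one or many hosts. Understands both the
# "Interesting ports on host (ip):" header printed by Nmap 4.x and the
# "Nmap scan report for host (ip)" header printed by Nmap 5 and later.

# Constructed sample: hosts .1 and .2 copied from the step-3 output above,
# host .3 invented to show a firewalled host (probes dropped = filtered).
SAMPLE='Starting Nmap 4.11 ( http://nmap.org ) at 2013-11-11 16:11 EST
Interesting ports on test1.example.com (192.168.0.1):
Not shown: 1677 closed ports
PORT STATE SERVICE
22/tcp open ssh
111/tcp open rpcbind
851/tcp open unknown

Interesting ports on test2.example.com (192.168.0.2):
Not shown: 1674 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind

Nmap scan report for 192.168.0.3
Host is up (0.0021s latency).
Not shown: 997 filtered ports
PORT STATE SERVICE
22/tcp closed ssh
80/tcp open http
443/tcp open https

Nmap finished: 256 IP addresses (3 hosts up) scanned in 5.550 seconds'

# Core parser: reads a report on stdin and prints tagged rows:
#   <ip> PORT <port/proto> <state> <service>     one per listed port
#   <ip> HIDDEN <count> <state>                  from "Not shown: N <state> ports"
nmap_rows() {
    awk '
        /^Interesting ports on / || /^Nmap scan report for / {
            ip = $NF                               # bare address form
            if (match($0, /\([0-9.]+\)/))          # "host (ip)" form
                ip = substr($0, RSTART + 1, RLENGTH - 2)
            next
        }
        /^Not shown: / { print ip, "HIDDEN", $3, $4; next }
        $1 ~ /^[0-9]+\/(tcp|udp|sctp)$/ { print ip, "PORT", $1, $2, $3 }
    '
}

# Flat inventory of open ports: "<ip> <port/proto> <service>",
# sorted by address and then numerically by port.
open_ports() {
    nmap_rows | awk '$2 == "PORT" && $4 == "open" { print $1, $3, $5 }' \
        | sort -t ' ' -k1,1 -k2,2n
}

# Which hosts expose a given port, e.g. hosts_with_port 111/tcp (rpcbind).
hosts_with_port() {
    open_ports | awk -v p="$1" '$2 == p { print $1 }'
}

# Per host, the state the bulk of probed ports came back in:
#   closed   -> host sent RSTs, nothing in the path dropped the probes
#   filtered -> probes were dropped, the usual sign of a firewall
firewall_verdict() {
    nmap_rows | awk '
        $2 == "HIDDEN" { hidden[$1] = $4 }
        $2 == "PORT" && $4 == "filtered" { partly[$1] = 1 }
        END {
            for (h in hidden) {
                v = hidden[h]
                if (v == "closed" && (h in partly)) v = "closed (some ports filtered)"
                print h, v
            }
        }
    ' | sort
}

printf '%s\n' "$SAMPLE" | open_ports
printf '%s\n' "$SAMPLE" | firewall_verdict
```

Feed a real scan in with something like `nmap 192.168.0.* | tee subnet.txt`, then `open_ports < subnet.txt` or `hosts_with_port 111/tcp < subnet.txt` to answer "who is exposing rpcbind?" across the whole range. For anything beyond a quick look, Nmap's own machine-readable formats (-oG greppable, -oX XML) are the better input, since the normal-output wording has changed between releases.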
5. Enable OS Detection with Nmap:
Use the -O option; adding --osscan-guess makes Nmap print its closest guess when, as below, no fingerprint matches exactly. OS detection sends raw probes, so it requires root, and it is only reliable when the target has at least one open and one closed TCP port for Nmap to compare responses against.
[root@test1 ~]# nmap -O server2.tecmint.com
Starting Nmap 4.11 ( http://nmap.org ) at 2013-11-11 17:40 EST
Interesting ports on server2.tecmint.com (192.168.0.1):
Not shown: 1674 closed ports
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
111/tcp open rpcbind
No exact OS matches for host (If you know what OS is running on it, see http://nmap.org).
TCP/IP fingerprint:
SInfo(V=4.11%P=i686-redhat-linux-gnu%D=11/11%Tm=52815CF4%O=22%C=1%M=080027)
TSeq(Class=TR%IPID=Z%TS=1000HZ)
T1(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
T2(Resp=N)
T3(Resp=Y%DF=Y%W=16A0%ACK=S++%Flags=AS%Ops=MNNTNW)
T4(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=)
T5(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
T6(Resp=Y%DF=Y%W=0%ACK=O%Flags=R%Ops=)
T7(Resp=Y%DF=Y%W=0%ACK=S++%Flags=AR%Ops=)
PU(Resp=Y%DF=N%TOS=C0%IPLEN=164%RIPTL=148%RID=E%RIPCK=E%UCK=E%ULEN=134%DAT=E)
Uptime 0.221 days (since Mon Nov 11 12:22:16 2013)
Nmap finished: 1 IP address (1 host up) scanned in 11.064 seconds
6. Find Nmap version:
The version matters when reading output: the 4.x release used in most examples here prints "Interesting ports on" and "Nmap finished:" and scans 1680 ports by default, whereas the 5.21 output in step 1 prints "Nmap scan report for" and scans the 1000 most common ports.
[root@server1 ~]# nmap -V
Nmap version 4.11 ( http://nmap.org )